CA Configuration Automation

  • 1.  LDAP integration blueprint

    Posted Sep 27, 2021 05:59 AM
    Hello there,
    I need to discover how many applications are using LDAP integration. Can it be done using a Blueprint or not?
    If yes, please give me a hint.
    Thanks in advance.


  • 2.  RE: LDAP integration blueprint

    Broadcom Employee
    Posted Sep 27, 2021 03:56 PM
    Do you have a specific lib for each app that connects to LDAP? If so, you can search for those files per app and then run a report.

    You can look at network traffic going over 389/636/3269, but that is not ideal because when you run a discovery, that will capture that moment in time, which means that app may or may not be connecting to LDAP that very second. You could use the network flow analyzer to get traffic for a specific amount of time and analyze that, but that is server communication, not app communication.

    I would "assume" any app that is using LDAP will have some type of configuration set, so if you can parse a file (which would be different for each app), then that would work.

    On the flip side of it, you can monitor the LDAP server itself. My issue with this is that usually there is more than one LDAP server and you would need to compile a list. The second part of the problem is similar to what I mentioned before: it will tell what server the communication is coming from, not the app itself, but based on your environment, if it's one app per server, that would suffice.

    If it was me, as trial and error, I would create a blueprint to scan program files \ program data to parse any configuration file for the LDAP server string, along with some common file names for LDAP libraries.
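
The file-scan approach suggested in the reply above, sketched in Python as an added example (not part of the original thread and not CA Configuration Automation blueprint code). The extension list, the library name hints and the rule that each top-level directory under the scanned root is one application are assumptions; the sample tree is constructed.

```python
import re
import tempfile
from collections import defaultdict
from pathlib import Path

CONFIG_EXT = {".xml", ".properties", ".conf", ".config", ".ini", ".yml", ".yaml", ".json"}  # assumed
LIB_HINTS = ("libldap", "liblber", "unboundid-ldapsdk", "spring-ldap")  # assumed, illustrative
LDAP_URI = re.compile(r"\b(ldaps?)://([a-z0-9.-]+)(?::(\d{1,5}))?")


def scan(root):
    """Map each top-level directory under root (treated as one app) to its LDAP evidence."""
    apps = defaultdict(lambda: {"servers": set(), "libs": set(), "cleartext": False})
    for path in Path(root).rglob("*"):
        rel = path.relative_to(root)
        if len(rel.parts) < 2 or not path.is_file():
            continue  # skip directories and files that sit outside any app directory
        app, name = rel.parts[0], path.name.lower()
        if any(hint in name for hint in LIB_HINTS):
            apps[app]["libs"].add(path.name)
        if path.suffix.lower() not in CONFIG_EXT:
            continue
        try:  # read at most 1 MB per file, lowercased for matching
            text = path.read_bytes()[:1_000_000].decode("latin-1").lower()
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
        for scheme, host, port in LDAP_URI.findall(text):
            port = port or ("636" if scheme == "ldaps" else "389")
            apps[app]["servers"].add(f"{scheme}://{host}:{port}")
            apps[app]["cleartext"] |= scheme == "ldap"  # may still use StartTLS; review
    return dict(apps)


def demo():
    samples = {  # constructed sample files, not real applications
        "AppA/conf/auth.properties": b"url=ldap://dc01.example.test\n",
        "AppB/app.config": b'<add value="LDAPS://dc02.example.test:3269"/>',
        "AppB/lib/unboundid-ldapsdk-6.0.jar": b"",
        "AppC/readme.txt": b"no directory integration",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(body)
        return scan(root)


if __name__ == "__main__":
    print(demo())
```

Applications with no LDAP URI in a config file and no matching library name do not appear in the result, so the count of keys is the count of candidate LDAP-integrated applications under that root.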